1621
|
- |
|
-
|
-
|
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, …
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-3727
|
2024-09-17 07:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1622
|
5.5 |
MEDIUM
Local
|
amd
|
enterprise_driver radeon_pro_software radeon_software radeon_rx_vega_56_firmware radeon_rx_vega_64_firmware ryzen_3_2200ge_firmware ryzen_3_2200g_firmware ryzen_5_2400ge_firmware…
|
Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poi…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-26393
|
2024-09-17 07:15 |
2022-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1623
|
7.5 |
HIGH
Network
identity_and_directory_management_system_project
|
identity_and_directory_management_system
|
The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2022-2265
|
2024-09-17 07:15 |
2022-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1624
|
5.4 |
MEDIUM
Network
|
wedevs
|
wp_project_manager
|
Authenticated (subscriber or higher user role if allowed to access projects) Stored Cross-Site Scripting (XSS) vulnerability in weDevs WP Project Manager plugin <= 2.4.13 versions.
|
CWE-79
Cross-site Scripting
|
CVE-2021-36826
|
2024-09-17 07:15 |
2022-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1625
|
7.5 |
HIGH
Network
ibm
|
security_verify_information_queue
|
IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attack…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-20409
|
2024-09-17 07:15 |
2021-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1626
|
- |
|
-
|
-
|
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issu…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-5564
|
2024-09-17 06:15 |
2024-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1627
|
3.7 |
LOW
Network
|
wpulike
|
wp_ulike
|
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2022-45842
|
2024-09-17 06:15 |
2022-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1628
|
8.2 |
HIGH
Network
karmasis
|
infraskope_siem\+
|
Karmasis Informatics Infraskope SIEM+
has an unauthenticated access vulnerability which could allow an unauthenticated attacker to obtain critical information.
|
CWE-20
Improper Input Validation
|
CVE-2022-24037
|
2024-09-17 06:15 |
2022-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1629
|
7.8 |
HIGH
Local
|
amd
|
enterprise_driver radeon_pro_software radeon_software radeon_rx_vega_56_firmware radeon_rx_vega_64_firmware ryzen_3_2200ge_firmware ryzen_3_2200g_firmware ryzen_5_2400ge_firmware…
|
Insufficient verification of missing size check in 'LoadModule' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading …
|
CWE-787
Out-of-bounds Write
|
CVE-2021-26392
|
2024-09-17 06:15 |
2022-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1630
|
8.8 |
HIGH
Network
|
solarwinds
|
orion_platform
|
A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
|
CWE-89
SQL Injection
|
CVE-2022-36961
|
2024-09-17 06:15 |
2022-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|